Click HERE to see how Saviynt Intelligence is transforming the industry.
|
Click HERE to see how Saviynt Intelligence is transforming the industry.
|
We have a ARS form to request access for a critical App which has some high risk roles.
The form has a dynamic attribute as "Energy IP Permissions". The value in dynamic attribute is coming from a user attribute(customproperty18).
User has a attribute which stores Energy IP Permission values. It is stored in customproperty18 .
Let's assume the End Point has 5 Entitlement(ENT1, ENT2, ENT3, ENT4 and ENT5). All the 5 entitlement are imported under same entitlement type.
Use case:
1. If the User has customproperty18 value as Class IV or Class III then user should be able submit request for ENT1 but if customproperty18 is null or any other value than Class IV or Class III then they should not able to submit request for ENT1 .
2. If the user has customproperty18 value as Class II then user should be able submit request for ENT2 but if customproperty18 is null or any other value than Class IV or Class III then they should not able to submit request for ENT2 .
3. The remaining 3 Entitlements(ENT3, ENT4 and ENT5) can be accessed by all user base.
We are trying to accomplish this by below process:
1. We have added a dynamic attribute to display the value of Energy IP Permission:
2. We also added the Energy IP Permission values in 1 of the customproperty of entitlement.
3. Added the condition under entitlement type like below:
Question: : It doesn't work as per the use case. As you can see the Energy IP Permission could have multiple values. Like Class IV or Class III or Class II or null, it could be more as well. How do we manage multiple values in ustomproperty of entitlement?
